This invention relates to a technology for safely distributing a virtual computer on a cloud computing platform and authenticating the virtual computer.
As computer resources become more integrated and higher in performance owing to advances in semiconductor technology, further progress is being made in virtualization technology aimed at effective use of computer resources and reduction of operating cost. In addition, a standard (open virtual format; OVF) for distributing a virtual server (virtual machine; VM) as an image file has penetrated the market, allowing the virtual server to be operated on an arbitrary physical server.
On the other hand, the applications executed on the physical server include a large number that can be executed under a certain limitation, such as a license.
In a case where a large number of VMs for executing such applications are operated on a cloud system, it is necessary to verify whether or not the application on each VM is being executed in accordance with a license contract, and to verify the VM itself. The VM is verified because it is necessary to examine whether or not the VM itself has been tampered with by a rootkit, malware, or the like in order to have the application executed illegally.
There is a known method in which the physical server uses a trusted platform module (TPM) to verify integrity at boot (see US 2009/0204964 and US 2011/0202765). The TPM is a chip built into the hardware of the physical server, and its hardware and software specifications are developed by the Trusted Computing Group (TCG). Examples of the TPM are disclosed in US 2009/0204964 and US 2011/0202765.
In addition, there is also a known technology in which a virtual TPM emulates a physical TPM so that a hypervisor can verify the integrity of the VM at boot. An example thereof is disclosed in “vTPM: Virtualizing the trusted platform module”.